API: Event Submission


Events can be sent into Loggly via syslog or HTTP/S. If you need to configure your servers to send Loggly data via a syslog based service, please refer to the logging from *nix page.

To send in events via the API, through HTTP/S, you’ll use the hostname logs.loggly.com (instead of the [subdomain].loggly.com format used by the other API calls). The API supports both HTTP and HTTPS, and use a unique string, known as a Customer Token in the URL for validation. These tokens can be generated via Source Setup of you Loggly account. Here’s an example input URL:


To create an HTTP/S input, log in to your account, then navigate to the Incoming Data tab. Click on the add input button and then provide an input name and description for the input:

Once you create an HTTP/S input, you’ll be taken to the input detail page, which will contain the URL you can use to send data to that particular input. If you need to rotate the SHA-2 key associated to a particular input, you can click on the generate new URL button at the bottom of the input detail page.  WARNING: This will invalidate all previous keys.


You can test the newly created input by sending in some test POST data via curl:

curl -H "content-type:text/plain" -d " - there's no place like home" https://logs.loggly.com/inputs/83e527d7-fad3-4d93-89da-0c2d8c0bcd6c

Keep in mind that the unique token above is an example, and you’ll need your own key in there for it to work!

If you don’t have curl, you can use wget instead:

wget --quiet -O - --header "content-type:text/plain" --post-data " - there's no place like earth" https://logs.loggly.com/inputs/83e527d7-fad3-4d93-89da-0c2d8c0bcd6c

The JSON result from a successful POST is shown below.

{ 'response': 'ok' }


If you are sending us events via HTTP/S, you must correctly encode your POST data. If we see a header with ‘application/x-www-form-urlencoded’ as the content-type, we’ll convert it to JSON it before storing it in your account. If we see a header with ‘text/plain’ as the content-type, we will leave the content alone and store it as regular text in your account.

Both curl and wget set the content-type to ‘application/x-www-form-urlencoded’ by default. You’ll need to set the content-type to ‘text/plain’ to store plain text events in your HTTP/S inputs.

Note: Some tools or libraries may add the URL-encoded header even though they may not actually encode the POST data. If you don’t encode your POST data, but the headers are set, you may see your data converted to JSON format.

Response Codes

These are fairly standard HTTP/RESTful response codes. From time to time we’ll use them in our replies to your queries.

Status Message Description
200 OK Indicates that the request was successful.
201 Created The object was successfully created. This is for a POST call.
204 Deleted The object was deleted. This pertains to DELETE calls.
400 Bad Request Check your request parameters. You might be using an unsupported parameter or have a malformed something or another.
401 Unauthorized Either your credentials specified were invalid.
403 Forbidden User does not have privileges to execute the action.
404 Not Found The resource you have referenced could not be found.
409 Conflict/Duplicate There was some conflict. Most likely you are trying to create a resource that already exists.
410 Gone You have referenced an object that does not exist.
500 Internal Server Error There has been an error from which Loggly could not recover. We are likely notified when this happens.
501 Not Implemented You are trying to access functionality that is not implemented. Yet.
503 Throttled Like a needy child, you are overloading us with requests for events. Try again later.